# 计算机安全代写 | COSC2536/2537 Security in Computing and Information Technology

这个作业是完成各类加密算法

School of Science

COSC2536/2537 Security in Computing and Information Technology

Assignment 1

Assessment Type: Individual assignment; no group work. Submit online via Canvas→Assignments→Assignment 1.

Marks awarded for meeting requirements as closely as possible. Clarifications/updates may be made via announcements/relevant discussion forums.

Due date: Week 5, Sunday the 5th April 2020 11:59pm

As this is a major assignment in which you demonstrate your understanding, a university standard late penalty of 10% per each working day applies for up to 5 working days late, unless special consideration has been granted.

Weighting: 15 marks (Contributes 15% of the total Grade)

Overview

The objective of Assignment 1 is evaluating your knowledge on the topics covered in Lecture 1-4. Topics include Basic Cryptographic Techniques, Data Encryption Standard (DES), and Public-Key Techniques (RSA and ElGamal cryptosystems). Assignment 1 will focus on developing your abilities in application of knowledge, critical analysis and decision making. Assignment 1 contains several problems related to the topics mentioned above. You are required to prepare the solutions and upload them as a single PDF or Word document in CANVAS.

In this assignment, there are 5 (five) questions in total. The first question Q1 is on Playfair Cipher. Q1 has three parts. In the first part, you are expected to construct a Playfair Matrix. In the second part, you are expected to perform Playfair encryption. In the last part, you are expected to analyse the possible keys of Playfair Cipher.

The second question Q2 is on Security Analysis. The term security analysis is used to breach security systems and gain access to the contents of encrypted messages, even if the secret key is unknown. Therefore, you are expected to apply security analysis in order to obtain plaintext from the given ciphertext in Q2.

The third question Q3 is about the Data Encryption Standard (DES). Q3 has two parts. In the first part, you are expected to generate the first round key of DES. In the second part, you are expected to perform one round encryption of DES completely. Through this question, you are expected to understand the encryption process of DES in details.

The fourth question Q4 is related to RSA Encryption Algorithm and break the RSA Algorithm. This question has three parts. In this first part, you are expected to demonstrate your understanding of the RSA encryption algorithm. Values of required parameters are provided including the plaintext or message M and you should demonstrate the key generation, encryption and decryption processes with detail computations and brief explanations. Marks will be deducted if you fail to show the detail computation correctly, skip the computation steps, or do not provide explanations. In the second part, you are expected to determine the plaintext M from the ciphertext C without knowing the RSA private-key. Public-key parameters and ciphertext are provided to you. You should demonstrate the detail steps with explanations how the RSA encryption algorithm can be broken. Marks will be deducted if you fail to show the detail computation correctly, skip the computation steps, or do not provide explanations. The last part is to analyze the security of RSA.

The fifth question Q5 is related to ElGamal Encryption Algorithm. The question has two parts. In the first part, you are expected to demonstrate your understanding of the ElGamal encryption algorithm. Values of required parameters are provided including the plaintext or message M and you should demonstrate the key generation, encryption and decryption processes with detail computations and brief explanations. Marks will be deducted if you fail to show the detail computation correctly, skip the computation steps, or do not provide explanations. In the second part, you are expected to compare RSA and ElGamal algorithms.

Develop this assignment in an iterative fashion (as opposed to completing it in one sitting). You should be able to start preparing your answers immediately after the Lecture-1 (in Week-1). At the end of each week starting from Week-1 to Week-4, you should be able to solve at least one question.

If there are questions, you may ask via the relevant Canvas discussion forums in a general manner.

Overall, you must follow the following special instructions:

You must use the values provided in the questions.

Hand-written answers are not allowed and will not be assessed. Compose your answers using any word processing software (e.g. MS Word).

You are required to show all of the steps and intermediate results for each question.

Upload your solution as a single PDF or Word document in CANVAS.

Assessment Criteria

This assessment will determine your ability to:

Follow requirements provided in this document and in the lessons.

Independently solve a problem by using security concepts taught over the first four weeks of the course.

Meeting deadlines.

Learning Outcomes

This assessment is relevant to the following Learning Outcomes:

understand the fundamentals of security techniques.

analyse the security limitations of early security techniques.

learn the fundamentals of security analysis.

learn how the Data Encryption Standard (DES) works.

lean public-key encryption techniques.

Assessment details

Please ensure that you have read Section 1 to 3 of this document before going further. Assessment details (i.e. question Q1 to Q5) are provided in the next page.

Q1. Playfair Cipher (Marks: 2)

The best-known multiple-letter encryption cipher is the Playfair Cipher, which treats pairs in the plaintext as single units and translates these units into ciphertext pairs.

Construct a Playfair matrix with your full name.

Encrypt your tutor’s full name with the Playfair matrix constructed in (a).

How many possible keys does the Playfair cipher have? Express your answer as an approximate power of 2.

Some Playfair keys produce the same encryption results. If Playfair keys which produce the same encryption results are considered to be equivalent, how many different keys does the Playfair cipher have?

Q2. Security Analysis (Marks: 2)

Assume that the following ciphertext has been produced using a monoalphabetic cipher. Please note that it may not be a general Caser substitution. The ciphertext is as follows:

EMHYZBOMEF VY BZYN NCJVAMIIC QVYNEVWUNFQ NSEZUGS YJMB FBMVI MNNMAKY. NSF YJMB FBMVI OVII SMRF MH MNNMASBFHN QVYGUVYFQ MY M IFGVNVBMNF TVIF ZE OVII VHAIUQF M UEI IVHK VH NSF WZQC ZT NSF FBMVI. VT NSF TZEBFE BFNSZQ VY UYFQ, NSF EMHYZBOMEF JEZGEMB VY MANVRMNFQ MY YZZH MY NSF MNNMASBFHN VY ZJFHFQ MHQ OVNSVH YFAZHQY, YNMENY NZ FHAECJN TVIFY ZH NSF QFRVAF. VT NSF MNNMAK RFANZE VY M IVHK, UJZH AIVAKVHG VN NSF UYFE VY NMKFH NZ M OFW JMGF OSFEF NSF EMHYZBOMEF VY QFIVRFEFQ NZ NSF QFRVAF UHWFKHZOHYN NZ NSF UYFE. NSF BMIVAVZUY JEZGEMBY ZE YVNFY ZTNFH UYF FXJIZVN KVNY NZ QFNFAN VT NSFEF MEF YFAUEVNC RUIHFEMWVIVNVFY VH NSF QFRVAF’Y ZJFEMNVHG YCYNFB ZE MJJIVAMNVZHY NSMN AMH WF UYFQ NZ QFIVRFE MHQ MANVRMNF NSF EMHYZBOMEF. MQQVNVZHMIIC, ACWFE AEVBVHMIY BMC UNVIVDF FXVYNVHG FXJIZVNY MY YFFH VH NSF EFAFHN OMHHMAEC MNNMAK, OSVAS NZZK MQRMHNMGF ZT M OFII-QZAUBFHNFQ OVHQZOY RUIHFEMWVIVNC KHZOH MY FNFEHMIWIUF.

Find the plaintext with frequency analysis technique, and please show the analysing steps (refer to Q6 of Tutorial 1)

Q3. Data Encryption Standard (Marks: 4)

The Data Encryption Standard is a symmetric-key block Cipher based on Feistel structure. It uses 16 rounds of Feistel structure. This question provides a numerical example of encryption using a one round version of DES. Assume that you are sending your student ID and your full name to your tutor and decide to encrypt the information with DES.

Start with the following input:

K (key): Hexadecimal – 0 1 2 3 4 5 6 7 8 9 A B C D E F

Binary – 0000 0001 0010 0011 0100 0101 0110 0111 1000 1001 1010 1011 1100 1101 1110 1111

P (plaintext): your student ID and your full name

Binary – please covert your student ID and your full name into ASC II codes

Now perform a round of encryption on the first 64-bit plaintext using DES, writing out the following steps:

Derive K1, the first-round sub-key

Derive L0 and R0

Expand R0 to get E[R0], where E[·] is the expansion function

Calculate A=E[R0]⨁K1

Group the 48-bits result of (d) into sets of 6 bits and evaluate the corresponding S-box substitutions

Concatenate the results of (e) to a 32-bit result, B

Apply the permutation to get P(B)

Calculate R1=P(B) ⨁L0

Write down the result of ciphertext (L1,R1)

Count the numbers of substitutions and permutations in the round of encryption.

Q4. RSA Encryption Algorithm / Breaking RSA (Marks: 4)

Say, Alice and Bob are two agents in the federal security services. Alice wants to send a secret message to Bob by encrypting the secret message. In other words, Alice is the sender and Bob is the receiver of the secret message. However, Alice and Bob have never contacted before. Therefore, they do not have any shared secret key. As a result, they have to use Public-Key Encryption techniques. Bob generates public and private keys using RSA encryption algorithm and sends the public key to Alice. Alice encrypts her secret message using RSA encryption and sends the encrypted message to Bob. Consider that Alice has a secret message M=2345 to send to Bob. Bob uses parameter p = 1483 and q = 761, and chooses the largest prime factor of your student number as the public key e. What is the private key of Bob? How would Alice encrypt message M=2345? How would Bob decrypt the encrypted message C with the private key? You need to show every step.

By integer factorisation, we may be able to decrypt the RSA ciphertext without knowing the private key. Say, Trudy is an intelligent hacker who knows RSA encryption algorithm and integer factorisation very well. Hence, she has been hired by someone who wants to know the secret message between Alice and Bob. Trudy uses her understanding on the integer factorisation-based RSA security analysis techniques for retrieving Alice and Bob’s secret message. Assume that Alice wants to send a message to Bob. Bob generates public and private keys using RSA encryption algorithm and publishes the public key (n=614281, e=47). Alice has a secret message M to send. She encrypts the message M using the public key and generates the ciphertext C=11184. Alice sends the encrypted message C=11184 to Bob. Trudy captures the encrypted message C=11184. She also has the public key (n=614281, e=47) because it is known to all. How can Trudy decrypt the encrypted message C and find the value of M? Show all the steps. How can Trudy verify if she has computed the correct message or not?

Generate four RSA public modulo n with 64, 112, 256 and 512 bits, respectively. How long does it take to factorise each of the four RSA public modulo n? Show the relation between the size of RSA public modulo n and the time for factorising n with a diagram.

[Hint: Please refer to https://www.mobilefish.com/services/rsa_key_generation/rsa_key_generation.php for key generation.

Please refer to https://www.alpertron.com.ar/ECM.HTM for integer factorisation]

Q5. ElGamal Encryption algorithm (Marks: 3)

From a reliable source, Alice and Bob came to know that their message is being captured by someone. Therefore, Alice and Bob decide to use ElGamal encryption algorithm for their next communication. Alice has a message M=50 to send to Bob. Bob chooses p=6361, g=19, and x=187. Alice chooses a random number for encryption. Show the encryption and decryption steps.

By solving discrete logarithm, we may be able to decrypt the ElGamal ciphertext without knowing the private key. Suppose that Trudy is an intelligent hacker who knows the ElGamal encryption algorithm and solving discrete logarithm very well. Assume that Alice wants to send a message to Bob. Bob generates public and private keys using the ElGamal encryption algorithm and publishes the public key (p=6361, g=19, y=3328). Alice has a secret message M to send. She encrypts the message M using the public key and generates the ciphertext C=(2941, 1265). Alice sends the encrypted message C to Bob. Trudy captures the encrypted message C. She also has the public key (p=6361, g=19, y=3328). How can Trudy decrypt the encrypted message C and find the value of M? Show all the steps. How can Trudy verify if she has computed the correct message or not?

Compare key generation, encryption/decryption between ElGamal and RSA in terms of performance.

[Hint: Refer to https://www.alpertron.com.ar/DILOG.HTM for solving discrete logarithm.]

Academic integrity and plagiarism (standard warning)

Academic integrity is about honest presentation of your academic work. It means acknowledging the work of others while developing your own insights, knowledge and ideas. You should take extreme care that you have:

Acknowledged words, data, diagrams, models, frameworks and/or ideas of others you have quoted (i.e. directly copied), summarised, paraphrased, discussed or mentioned in your assessment through the appropriate referencing methods,

Provided a reference list of the publication details so your reader can locate the source if necessary. This includes material taken from Internet sites.

If you do not acknowledge the sources of your material, you may be accused of plagiarism because you have passed off the work and ideas of another person without appropriate referencing, as if they were your own.

RMIT University treats plagiarism as a very serious offence constituting misconduct. Plagiarism covers a variety of inappropriate behaviours, including:

Failure to properly document a source

Copyright material from the internet or databases

Collusion between students

For further information on our policies and procedures, please refer to the University website.

Assessment declaration

When you submit work electronically, you agree to the assessment declaration.

Rubric/assessment criteria for marking

All of the computations must be correct and only provided values must be used. Instructions must be followed.

Criteria

The characteristic or outcome that is being judged. Total

Question 1

Playfair Cipher

Answer (a), (b), (c) and (d) correctly

Step-by-step processes of encryption are shown

2 Mark Answer two out of (a), (b), (c) and (d) correctly

1 Mark Answer one out of (a), (b), (c) and (d) correctly

0.5 Marks None of (a), (b), (c) and (d) is correct

Not answered

0 Mark 2 Marks

Question 2

Security Analysis

Plaintext is correct

Steps are shown in a systematic way using frequency analysis technique

2 Marks Plaintext is correct

But steps are not shown in a systematic way using frequency analysis technique

1 Mark Plaintext is partially correct

But steps are shown in a systematic way using frequency analysis technique

0.5 Marks Plaintext is not correct at all

Or

Plaintext is correct but frequency analysis technique is not used

Or

Not answered

0 Mark 2 Marks

Question 3

Data Encryption Standard

Answer (a)-(j) correctly

All of the values are shown correctly

4 Marks ¾ of (a)-(j) are answered correctly

3 Marks ½ of (a)-(j) are answered correctly

2 Marks ¼ of (a)-(j) are answered correctly

1 Mark

None of (a)-(j) are answered correctly

Not answered

0 Mark 4 Marks

Question 4

RSA Encryption algorithm / Breaking RSA

(a), (b), (c) are answered correctly

Step-by-step processes of both encryption and decryption are shown

Steps are shown in a systematic way

All of the computations are shown correctly in detail

Marks Answer (a) and (b) correctly

Step-by-step processes of both encryption and decryption are shown

Steps are shown in a systematic way

Answer (c) incorrectly

3 Marks Answer two out of (a), (b),(c) correctly.

Step-by-step processes of encryption and decryption are shown correctly at least in half of answers to (a), (b), (c)

2 Marks Answer one out of (a), (b),(c) correctly.

Step-by-step processes of encryption and decryption are shown correctly at least in ¼ of answers to (a), (b), (c)

1 Mark None of the steps are shown correctly

Or

Calculations are not shown in detail

Or

Not answered

0 Mark 4 Marks

Question 5

ElGamal Encryption algorithm

(a), (b), (c) are answered correctly

Step-by-step processes of both encryption and decryption are shown

Steps are shown in a systematic way

All of the computations are shown correctly in detail

3 Marks Answer (a) and (b) correctly

Step-by-step processes of both encryption and decryption are shown

Steps are shown in a systematic way

Answer (c) incorrectly

2 Marks Answer two out of (a), (b),(c) correctly.

Step-by-step processes of encryption and decryption are shown correctly at least in half of answers to (a), (b), (c)

1.5 Marks Answer one out of (a), (b),(c) correctly.

Step-by-step processes of encryption and decryption are shown correctly at least in 1/3 of answers to (a), (b), (c)

1 Mark None of the steps are shown correctly

Or

Calculations are not shown in detail

Or

Not answered

0 Mark 3 Marks